isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,492 Commits 1 Branch 0 Tags
91b6d71a042ceeb2c5d458d37fa72f0c0bdeb79c
Commit Graph

9492 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
4c4f44621f Changes in 1.8.26 (so far). 2018-09-24 06:09:07 -06:00
Todd C. Miller
d537daf787 Treat LOGIN, LOGNAME and USER specially. If one is preserved 
or deleted we want to preserve or delete all of them.
 2018-09-24 05:30:28 -06:00
Todd C. Miller
5f61f2c0f4 Remove special handling of the USERNAME environment variable. It 
used to be set on old versions of Fedora but that hasn't been the
case for some time.  It's worth noting that ssh doesn't set USERNAME
either.
 2018-09-24 05:30:03 -06:00
Todd C. Miller
ce9a7dd25a sudo 1.8.26 2018-09-24 05:29:21 -06:00
Todd C. Miller
9abcd61607 Remove unused system_maxgroups argument from fill_group_list(). 2018-09-22 12:56:11 -06:00
Todd C. Miller
d8870177c2 Pass getgrouplist() NGROUPS_MAX+1, not NGROUPS_MAX so we have room 
for the primary gid.
 2018-09-22 12:55:44 -06:00
Todd C. Miller
72ce2c807b In print_member_json_int() eliminate the need_newline variable 
and just move the non-alias expansion printing bits into the
else clause, including the newline and comma printing.
 2018-09-20 15:15:14 -06:00
Todd C. Miller
8bf279b11e Add regress test for bug #853 2018-09-20 15:10:15 -06:00
Todd C. Miller
8aad365082 When expanding an alias in print_member_json_int() avoid printing 
an extra comma at the end of the entry.  Bug #853.
 2018-09-20 14:56:25 -06:00
Todd C. Miller
8e1e464331 Add Kan Sasaki 2018-09-12 09:07:07 -06:00
Todd C. Miller
365a1ecd46 sudo 1.8.25p1 2018-09-12 09:03:28 -06:00
Todd C. Miller
c639c965cf Fix a crash in the event system's poll() backend introduced with 
support for nanosecond timers.  Only affects systems without ppoll().
Bug #851
 2018-09-12 07:02:13 -06:00
Todd C. Miller
1a9b932ffd regen 2018-09-02 06:29:32 -06:00
Todd C. Miller
27e549a3ef Allow for some clock drift due to ntpd, etc. 2018-08-31 09:22:59 -06:00
Todd C. Miller
470a7830dc If sudo_lock_file() fails for a reason other than the file already 
being locked, give the user a chance to edit anyway.
 2018-08-31 08:08:45 -06:00
Todd C. Miller
0715b55474 Quick sort is not a stable sort; use distinct sudoOrder values so 
the output is predictable.
 2018-08-30 14:43:24 -06:00
Todd C. Miller
a924b4610b Fix warnings on OpenIndiana (Illumos) 2018-08-30 14:06:18 -06:00
Todd C. Miller
765d99e1f9 Correct ldap_to_sudoers() return value. 2018-08-30 13:47:02 -06:00
Todd C. Miller
6e4f8c8cd2 Bug #849 2018-08-30 09:22:16 -06:00
Todd C. Miller
ae04b40c05 The sssd backend used to take the first match, assuming that entries 
were sorted in descending order by sudoOrder.  That allowed it to
avoid iterating over the entire list of rules.  Now that we convert
to a sudoers parse tree, we need to convert rules in ascending
order, not descending.  The simplest way to accomplish this is to
simply iterate over the rules from last to first, reversing the
sort order.  Bug #849
 2018-08-30 08:36:09 -06:00
Todd C. Miller
2221fbe2f1 Add some more ldif -> sudoers tests to verify sudoOrder. 2018-08-30 07:49:59 -06:00
Todd C. Miller
ea38e9d909 For conversion to a sudoers parse tree, ldap_entry_compare() now 
needs to sort in ascending order, not descending.  Bug #849
 2018-08-30 07:48:16 -06:00
Todd C. Miller
58445393a7 No need to set input_file for stdin in parse_ldif(); noted by clang analyzer. 2018-08-29 10:57:37 -06:00
Todd C. Miller
e0b413eb17 Use TIME_T_MAX when parsing the I/O log file timestamp and disallow 
negative times.
 2018-08-29 10:54:32 -06:00
Todd C. Miller
e318f27fba When parsing an I/O log timing line, store the result in a timespec, 
not a double.  The speed factor (for scaling the delay) in sudoreplay
is still a double but we only need to adjust the delay if the factor
is something other than 1.0.
 2018-08-29 09:57:12 -06:00
Todd C. Miller
f1f632665c Fix memory leak in test. 2018-08-29 07:38:27 -06:00
Todd C. Miller
f9b3223edb regen 2018-08-29 06:39:41 -06:00
Todd C. Miller
2ff7870263 Update conversion of DID_* to KEPT_* to match the new values of 
DID_* and KEPT_*.
 2018-08-28 20:25:06 -06:00
Todd C. Miller
8acc29dc01 Set the LOGIN environment variable on AIX like we do LOGNAME. 2018-08-28 18:32:39 -06:00
Todd C. Miller
fdd7296122 Add a test for the 4-argument au_close() function found in Solaris 
11 instead of assuming it is present if __sun is defined.  Fixes a
compilation error on OpenIndiana and older Solaris versions.
 2018-08-27 13:50:23 -06:00
Todd C. Miller
a22296788c Add Miguel Sanders and Scott Cheloha 2018-08-27 11:09:50 -06:00
Todd C. Miller
5bac1e0ddc testsudoers changes 2018-08-27 09:25:40 -06:00
Todd C. Miller
901b2666fc Add ldif support to testsudoers 2018-08-27 05:21:04 -06:00
Todd C. Miller
4782b22a47 Move ldif -> sudoers conversion code into parse_ldif.c 2018-08-26 20:02:49 -06:00
Todd C. Miller
52d54997ee Move string list functions to their own file. 2018-08-26 19:48:14 -06:00
Todd C. Miller
5fea22e514 sync 2018-08-26 19:31:20 -06:00
Todd C. Miller
63f7aa8fcf Backward ABI compatibility for even functions that use a timeval. 2018-08-25 21:02:07 -06:00
Todd C. Miller
6b76f9dbd3 Use a monotonic timer for the event subsystem. 2018-08-25 21:02:06 -06:00
Todd C. Miller
04d1f56d90 Use struct timespec, not struct timeval in the event subsystem. 
Use ppoll() or pselect() if avaialble which use timespec.
 2018-08-25 21:02:05 -06:00
Todd C. Miller
1f248504af sync 2018-08-24 11:34:31 -06:00
Todd C. Miller
5d1dddc467 Eliminate most use of parsed_sudoers in cvtsudoers 2018-08-24 10:27:00 -06:00
Todd C. Miller
b2e3adccf3 Make alias_apply() take 3 arguments, the first being a pointer to the 
struct sudoers_parse_tree.
 2018-08-24 09:52:53 -06:00
Todd C. Miller
4b3c8a73a0 Handle systems where root's gid is not 0. 2018-08-23 16:21:28 -06:00
Todd C. Miller
2960e3963d Add missing files from last commit. 2018-08-23 15:50:17 -06:00
Todd C. Miller
aaad554cda Add regress test for I/O log plugin endpoints 2018-08-23 15:35:02 -06:00
Todd C. Miller
0d36ea9325 We cannot reuse last_time for the I/O log info file now that it is 
a monotonic timer.  Just call time(3) in write_info_log() directly.
 2018-08-23 13:50:00 -06:00
Todd C. Miller
59e5e379be Move the loop to free the monitor_messages list into free_exec_closure_pty() 2018-08-23 11:10:57 -06:00
Todd C. Miller
93fc7cf6da regen 2018-08-23 08:09:42 -06:00
Todd C. Miller
fe965c3a31 Fix typo in last commit. 2018-08-22 19:15:26 -06:00
Todd C. Miller
d876602dbf Do not assume all Linux has linux/random.h. 
Add missing sys/syscall.h include
 2018-08-22 15:12:11 -06:00